argus: argus - RAG based vulnerability scanner

imtaqin May 15, 2026 1 min read

3 views

The problem

Vulnerability scanners are part of most security pipelines. They flag dependencies based on known CVEs (Common Vulnerabilities and Ex

tr). The list of flagged items returns common vulnerability. Compare entire version history. Not fully action.

Consider CI pipeline. Detected, but leave decision.

The standard: Heavy scanner list. Only ends.

The approach

argus uses retrieval augmented generation (RAG) technique. Scan dependencies. Collect vulnerability contexts. Build docs for conclusion. Actually add to query retrieval improvement.

RAG are intrinsic to vulnerability scanning: collecting, formulation, retrieval.

This scanner uses RAG technique.

Trying it out

argus built in Go language. The setup using Docker, go, pip.

Commands:

docker run. go sum.

Use. the setup using Docker.

What it doesn't do

argus has 15 stars.

Many alternatives offer similar. None fully documented. With limited usage.

Closing paragraph

argus is RAG based vulnerability scanner. Use the technique. The setup: Go language, Docker, pip

. The source is at argus. Check at argus.

Comments

Your email will not be published.

Loading comments...

Comments

Related Posts

An overview of CVE, an open-source project on GitHub

honeyslop: code canaries to quickly triage hallucinated ('slop') vulnerability reports

Copy: open-source project for self-hosters

patch: 安全漏洞与系统故障知识库 | Security Vulnerability & System Troubleshooting Toolbox